minor cosmetics on tamper scripts

Miroslav Stampar 2011-04-04 08:18:26 +00:00
parent 33d987805d
commit 3253882071
9 changed files with 75 additions and 76 deletions


@ -11,39 +11,39 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.HIGHEST __priority__ = PRIORITY.HIGHEST
def tamper(value): def tamper(payload):
""" """
Replaces '>' with 'NOT BETWEEN 0 AND #' Replaces '>' with 'NOT BETWEEN 0 AND #'
Example: 'A > B' becomes 'A NOT BETWEEN 0 AND B' Example: 'A > B' becomes 'A NOT BETWEEN 0 AND B'
""" """
retVal = value retVal = payload
if value: if payload:
retVal = "" retVal = ""
quote, doublequote, firstspace = False, False, False quote, doublequote, firstspace = False, False, False
for i in xrange(len(value)): for i in xrange(len(payload)):
if not firstspace: if not firstspace:
if value[i].isspace(): if payload[i].isspace():
firstspace = True firstspace = True
retVal += " " retVal += " "
continue continue
elif value[i] == '\'': elif payload[i] == '\'':
quote = not quote quote = not quote
elif value[i] == '"': elif payload[i] == '"':
doublequote = not doublequote doublequote = not doublequote
elif value[i] == ">" and not doublequote and not quote: elif payload[i] == ">" and not doublequote and not quote:
retVal += " " if i > 0 and not value[i-1].isspace() else "" retVal += " " if i > 0 and not payload[i-1].isspace() else ""
retVal += "NOT BETWEEN 0 AND" retVal += "NOT BETWEEN 0 AND"
retVal += " " if i < len(value) - 1 and not value[i+1].isspace() else "" retVal += " " if i < len(payload) - 1 and not payload[i+1].isspace() else ""
continue continue
retVal += value[i] retVal += payload[i]
return retVal return retVal
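Review bot: The docstring does not mention that a `>` inside a single- or double-quoted string is left untouched, which is what the `quote` and `doublequote` flags in the `elif payload[i] == ">" and not doublequote and not quote:` branch implement. A line such as `Note: '>' inside quoted strings is not replaced` would document that. The same quote-tracking loop appears almost verbatim in the three space-replacement scripts later in this commit, so a shared helper would keep the four copies from drifting apart.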


@ -14,24 +14,24 @@ from lib.core.exception import sqlmapUnsupportedFeatureException
__priority__ = PRIORITY.LOWEST __priority__ = PRIORITY.LOWEST
def tamper(value): def tamper(payload):
""" """
Urlencodes all characters in a given value (not processing already encoded) Urlencodes all characters in a given payload (not processing already encoded)
Example: 'SELECT FIELD FROM%20TABLE' becomes '%53%45%4c%45%43%54%20%46%49%45%4c%44%20%46%52%4f%4d%20%54%41%42%4c%45' Example: 'SELECT FIELD FROM%20TABLE' becomes '%53%45%4c%45%43%54%20%46%49%45%4c%44%20%46%52%4f%4d%20%54%41%42%4c%45'
""" """
retVal = value retVal = payload
if value: if payload:
retVal = "" retVal = ""
i = 0 i = 0
while i < len(value): while i < len(payload):
if value[i] == '%' and (i < len(value) - 2) and value[i+1] in string.hexdigits and value[i+2] in string.hexdigits: if payload[i] == '%' and (i < len(payload) - 2) and payload[i+1] in string.hexdigits and payload[i+2] in string.hexdigits:
retVal += value[i:i+3] retVal += payload[i:i+3]
i += 3 i += 3
else: else:
retVal += '%%%X' % ord(value[i]) retVal += '%%%X' % ord(payload[i])
i += 1 i += 1
return retVal return retVal
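Review bot: The docstring example does not match what the code emits: `'%%%X' % ord(payload[i])` produces uppercase hex digits, so `L` is written as `%4C` while the example shows `%4c`. The format is also not zero-padded, so a character with a code below 0x10 (tab, newline) yields a one-digit escape; `'%%%02X' % ord(payload[i])` keeps every escape two digits wide. The `'%%u00%X'` line in the unicode-urlencode script that follows has the same two issues, and `'%%u%04X'` would be the fixed-width form there.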


@ -14,24 +14,24 @@ from lib.core.exception import sqlmapUnsupportedFeatureException
__priority__ = PRIORITY.LOWEST __priority__ = PRIORITY.LOWEST
def tamper(value): def tamper(payload):
""" """
Replaces value with unicode-urlencode of non-encoded chars in value (not processing already encoded) Replaces payload with unicode-urlencode of non-encoded chars in payload (not processing already encoded)
Example: 'SELECT FIELD%20FROM TABLE' becomes '%u0053%u0045%u004c%u0045%u0043%u0054%u0020%u0046%u0049%u0045%u004c%u0044%u0020%u0046%u0052%u004f%u004d%u0020%u0054%u0041%u0042%u004c%u0045' Example: 'SELECT FIELD%20FROM TABLE' becomes '%u0053%u0045%u004c%u0045%u0043%u0054%u0020%u0046%u0049%u0045%u004c%u0044%u0020%u0046%u0052%u004f%u004d%u0020%u0054%u0041%u0042%u004c%u0045'
""" """
retVal = value retVal = payload
if value: if payload:
retVal = "" retVal = ""
i = 0 i = 0
while i < len(value): while i < len(payload):
if value[i] == '%' and (i < len(value) - 2) and value[i+1] in string.hexdigits and value[i+2] in string.hexdigits: if payload[i] == '%' and (i < len(payload) - 2) and payload[i+1] in string.hexdigits and payload[i+2] in string.hexdigits:
retVal += "%%u00%s" % value[i+1:i+3] retVal += "%%u00%s" % payload[i+1:i+3]
i += 3 i += 3
else: else:
retVal += '%%u00%X' % ord(value[i]) retVal += '%%u00%X' % ord(payload[i])
i += 1 i += 1
return retVal return retVal


@ -11,39 +11,39 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.HIGHEST __priority__ = PRIORITY.HIGHEST
def tamper(value): def tamper(payload):
""" """
Replaces 'IFNULL(A, B)' with 'IF(ISNULL(A), B, A)' Replaces 'IFNULL(A, B)' with 'IF(ISNULL(A), B, A)'
Example: 'IFNULL(1, 2)' becomes 'IF(ISNULL(1), 2, 1)' Example: 'IFNULL(1, 2)' becomes 'IF(ISNULL(1), 2, 1)'
""" """
if value and value.find("IFNULL") > -1: if payload and payload.find("IFNULL") > -1:
while value.find("IFNULL(") > -1: while payload.find("IFNULL(") > -1:
index = value.find("IFNULL(") index = payload.find("IFNULL(")
deepness = 1 deepness = 1
comma, end = None, None comma, end = None, None
for i in xrange(index + len("IFNULL("), len(value)): for i in xrange(index + len("IFNULL("), len(payload)):
if deepness == 1 and value[i] == ',': if deepness == 1 and payload[i] == ',':
comma = i comma = i
elif deepness == 1 and value[i] == ')': elif deepness == 1 and payload[i] == ')':
end = i end = i
break break
elif value[i] == '(': elif payload[i] == '(':
deepness += 1 deepness += 1
elif value[i] == ')': elif payload[i] == ')':
deepness -= 1 deepness -= 1
if comma and end: if comma and end:
A = value[index + len("IFNULL("):comma] A = payload[index + len("IFNULL("):comma]
B = value[comma + 1:end] B = payload[comma + 1:end]
newVal = "IF(ISNULL(%s),%s,%s)" % (A, B, A) newVal = "IF(ISNULL(%s),%s,%s)" % (A, B, A)
value = value[:index] + newVal + value[end+1:] payload = payload[:index] + newVal + payload[end+1:]
else: else:
break break
return value return payload
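Review bot: The docstring example is not what the format string produces: `"IF(ISNULL(%s),%s,%s)"` puts no space after the commas and B keeps the blank that followed the original comma, so 'IFNULL(1, 2)' comes out as 'IF(ISNULL(1), 2,1)' rather than 'IF(ISNULL(1), 2, 1)'. Updating the example to the real output would fix the mismatch. The outer `payload.find("IFNULL") > -1` test is redundant with the `while` condition, and the literal `"IFNULL("` is repeated four times where one local name would read better.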


@ -15,15 +15,15 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.NORMAL __priority__ = PRIORITY.NORMAL
def tamper(value): def tamper(payload):
""" """
Replaces each character with random case value Replaces each character with random case value
Example: 'INSERT' might become 'InsERt' Example: 'INSERT' might become 'InsERt'
""" """
retVal = value retVal = payload
if value: if payload:
for match in re.finditer(r"[A-Za-z_]+", retVal): for match in re.finditer(r"[A-Za-z_]+", retVal):
word = match.group() word = match.group()


@ -15,16 +15,16 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOW __priority__ = PRIORITY.LOW
def tamper(value): def tamper(payload):
""" """
Add random comments to SQL keywords in value Add random comments to SQL keywords
Example: 'INSERT' becomes 'IN/**/S/**/ERT' Example: 'INSERT' becomes 'IN/**/S/**/ERT'
""" """
retVal = value retVal = payload
if value: if payload:
for match in re.finditer(r"[A-Za-z_]+", retVal): for match in re.finditer(r"[A-Za-z_]+", payload):
word = match.group() word = match.group()
if len(word) < 2: if len(word) < 2:
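Review bot: `re.finditer` now iterates over `payload` here, while the random-case script in the previous section still iterates over `retVal`. Both names are bound to the same string at that point, so the result is the same, but the two sibling scripts now read differently; use `for match in re.finditer(r"[A-Za-z_]+", payload):` in both. The example in the docstring is also stated as a fixed result although the description says the comments are random, so `might become` would be more accurate. The function body continues past the end of this hunk.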


@ -11,36 +11,36 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOW __priority__ = PRIORITY.LOW
def tamper(value): def tamper(payload):
""" """
Replaces ' ' with '/**/' Replaces ' ' with '/**/'
Example: 'SELECT id FROM users' becomes 'SELECT/**/id/**/FROM/**/users' Example: 'SELECT id FROM users' becomes 'SELECT/**/id/**/FROM/**/users'
""" """
retVal = value retVal = payload
if value: if payload:
retVal = "" retVal = ""
quote, doublequote, firstspace = False, False, False quote, doublequote, firstspace = False, False, False
for i in xrange(len(value)): for i in xrange(len(payload)):
if not firstspace: if not firstspace:
if value[i].isspace(): if payload[i].isspace():
firstspace = True firstspace = True
retVal += "/**/" retVal += "/**/"
continue continue
elif value[i] == '\'': elif payload[i] == '\'':
quote = not quote quote = not quote
elif value[i] == '"': elif payload[i] == '"':
doublequote = not doublequote doublequote = not doublequote
elif value[i]==" " and not doublequote and not quote: elif payload[i]==" " and not doublequote and not quote:
retVal += "/**/" retVal += "/**/"
continue continue
retVal += value[i] retVal += payload[i]
return retVal return retVal


@ -11,36 +11,35 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOW __priority__ = PRIORITY.LOW
def tamper(value): def tamper(payload):
""" """
Replaces ' ' with '+' Replaces ' ' with '+'
Example: 'SELECT id FROM users' becomes 'SELECT+id+FROM+users' Example: 'SELECT id FROM users' becomes 'SELECT+id+FROM+users'
""" """
retVal = value retVal = payload
if value: if payload:
retVal = "" retVal = ""
quote, doublequote, firstspace = False, False, False quote, doublequote, firstspace = False, False, False
for i in xrange(len(value)): for i in xrange(len(payload)):
if not firstspace: if not firstspace:
if value[i].isspace(): if payload[i].isspace():
firstspace = True firstspace = True
retVal += "+" retVal += "+"
continue continue
elif value[i] == '\'': elif payload[i] == '\'':
quote = not quote quote = not quote
elif value[i] == '"': elif payload[i] == '"':
doublequote = not doublequote doublequote = not doublequote
elif value[i]==" " and not doublequote and not quote: elif payload[i]==" " and not doublequote and not quote:
retVal += "+" retVal += "+"
continue continue
retVal += value[i] retVal += payload[i]
return retVal return retVal


@ -13,37 +13,37 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOW __priority__ = PRIORITY.LOW
def tamper(value): def tamper(payload):
""" """
Replaces ' ' with a random blank char from a set ('\r', '\n', '\t') Replaces ' ' with a random blank char from a set ('\r', '\n', '\t')
Example: 'SELECT id FROM users' becomes 'SELECT\rid\tFROM\nusers' Example: 'SELECT id FROM users' becomes 'SELECT\rid\tFROM\nusers'
""" """
blanks = ['\r', '\n', '\t'] blanks = ['\r', '\n', '\t']
retVal = value retVal = payload
if value: if payload:
retVal = "" retVal = ""
quote, doublequote, firstspace = False, False, False quote, doublequote, firstspace = False, False, False
for i in xrange(len(value)): for i in xrange(len(payload)):
if not firstspace: if not firstspace:
if value[i].isspace(): if payload[i].isspace():
firstspace = True firstspace = True
retVal += random.choice(blanks) retVal += random.choice(blanks)
continue continue
elif value[i] == '\'': elif payload[i] == '\'':
quote = not quote quote = not quote
elif value[i] == '"': elif payload[i] == '"':
doublequote = not doublequote doublequote = not doublequote
elif value[i]==" " and not doublequote and not quote: elif payload[i]==" " and not doublequote and not quote:
retVal += random.choice(blanks) retVal += random.choice(blanks)
continue continue
retVal += value[i] retVal += payload[i]
return retVal return retVal
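Review bot: The docstring gives the example as a fixed result, but every blank is picked with `random.choice(blanks)`, so the output differs between runs; `might become`, as the random-case script words it, would be accurate. `payload[i]==" "` is also missing the spaces around `==`, here and in the two space-replacement scripts above, which a cosmetics pass could fix with `elif payload[i] == " " and not doublequote and not quote:`.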